class UsersController < ApplicationController
  # Be sure to include AuthenticationSystem in Application Controller instead
  include AuthenticatedSystem
  
  def index
    
    if(params[:x1] != nil && params[:x2] != nil && params[:y1] != nil && params[:y2] != nil)
      x1 = params[:x1].split(',')
      x2 = params[:x2].split(',')
      x3 = params[:y1].split(',')
      x4 = params[:y2].split(',')
      
      @users = User.find(:all,:conditions => ["MBRContains(GeomFromText('Polygon((? ?, ? ?, ? ?, ? ?, ? ?))'),location)", x1[0].to_d, x1[1].to_d, x2[0].to_d, x2[1].to_d, x3[0].to_d, x3[1].to_d, x4[0].to_d, x4[1].to_d, x1[0].to_d, x1[1].to_d])
      
      respond_to do |format|
        format.json { render :json => @users.count}
      end
    else
      respond_to do |format|
        format.json { head :ok}
      end
    end
  end
  # render new.rhtml
  def new
    @user = User.new
  end
 
  def create
    logout_keeping_session!
    @user = User.new(params[:user])
    if(params[:locationUser].empty? != true)
      coordinates = (params[:locationUser]).split(' ')
      @user.location = Point.from_x_y(coordinates[0], coordinates[1])
    end
    success = @user && @user.save
    if success && @user.errors.empty?
            # Protects against session fixation attacks, causes request forgery
      # protection if visitor resubmits an earlier form using back
      # button. Uncomment if you understand the tradeoffs.
      # reset session
      self.current_user = @user # !! now logged in
      redirect_back_or_default('/', :notice => "Thanks for signing up!  We're sending you an email with your activation code.")
    else
      flash.now[:error]  = "We couldn't set up that account, sorry.  Please try again, or contact an admin (link is above)."
      render :action => 'new'
    end
  end

end
